Ex-Google Security Leaders Raise $13M to Combat Email Threats

The Rise of AI-Powered Email Security: AegisAI

The increasing sophistication of AI-driven hacking techniques is prompting a new wave of defense. Former security leaders from Google have collaborated to create AegisAI, a company focused on utilizing autonomous AI agents to proactively combat phishing, malware, and business email compromise.

The Growing Threat Landscape

Cyberattacks overwhelmingly originate with phishing emails. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), over 90% of successful breaches begin this way.

Recent research from CrowdStrike indicates that phishing messages generated by Large Language Models (LLMs) demonstrate a significantly higher click-through rate – 54% in 2024 – compared to the 12% rate observed with emails crafted by humans.

Introducing AegisAI's Autonomous Agents

AegisAI addresses this escalating threat through a network of autonomous AI agents. These agents work to inspect, analyze, and neutralize email threats in real-time, functioning independently of rigid, pre-defined rules.

This innovative approach contrasts with conventional email security platforms that often rely on static rules and necessitate extensive user training.

Founding and Expertise

The startup was founded by Cy Khormaee and Ryan Luo, both former executives from Google’s Safe Browsing and reCAPTCHA teams.

Khormaee, formerly head of product and director of product management at Google for over five years, oversaw the security measures protecting Google, its users, and numerous websites from online threats.

He emphasized the core problem they aim to solve: “The sum of all evil is a PDF attachment in an email. That’s always where all the attacks started, and so I really wanted to solve this problem.”

Leveraging Google's Security Insights

Khormaee’s tenure at Google provided invaluable experience in developing and deploying phishing-detection technologies.

He gained a comprehensive understanding of security challenges from Google’s perspective, as well as the strategies for rapidly developing and scaling security solutions.

Prior to Google, Khormaee founded Contastic, a sales intelligence platform later acquired by SugarCRM. He also held a leadership role at Attentive before establishing AegisAI.

How AegisAI's Agents Function

AegisAI employs reasoning agents, each a specifically tuned LLM designed to address a particular threat.

When a potential threat is identified, the orchestrating agent activates a network of specialized “buddy” agents. These agents collaborate to analyze the situation and provide a conclusive assessment.

The agents conduct comprehensive real-time analysis of all email components, including links, attachments, metadata, QR codes, and behavioral patterns.

A Proactive and Adaptive Approach

Khormaee explained that their approach is built on the knowledge gained from years of battling adversaries at Google: “What we know from building these tools at Google is what all the things are about an email you need to analyze? What are all the data sources? What are all the techniques for spotting invasion, and all the nasty stuff adversaries do that we’ve seen over 10 years of playing chess with these adversaries?”

The company anticipates expanding its agent network to potentially 50 to 100 agents as attackers refine their tactics.

“I fully believe that in two years, adversaries will understand what we’re doing. They’ll retool and attack what we’re doing, and then we’ll need to build more agents to stay ahead of them,” Khormaee stated.

Beyond Rules: AI-Driven Self-Improvement

Unlike traditional rule-based systems, AegisAI’s AI agents continuously learn and adapt to new attack variants in real-time.

The startup has developed specialized AI models for diverse threats and industries, including venture capital and financial services.

Reduced False Positives and Rapid Deployment

AegisAI claims its agents significantly reduce false positives – by as much as 90% – compared to conventional email security solutions.

Installation is streamlined via an API, taking “no more than five minutes” for Google Workspace or Microsoft 365 accounts.

Following setup, a report detailing the system’s findings is generated within a couple of days, followed by a week-long read-only monitoring period before quarantine is activated.

Current Status and Future Plans

“It’s so hard without this technology to solve this very heterogeneous problem in email,” Khormaee noted.

AegisAI, with offices in San Francisco and New York, is currently piloting its technology with customers in the U.S. and Europe.

The company has already secured three paying customers, including Lokker and Mesh Connect, and currently employs a team of six.

The recent $13 million in seed funding will be used to expand the technical team and build a robust go-to-market strategy.